[funsec] Consumer Reports Slammed for Creating 'Test' Viruses
security curmudgeon
jericho at attrition.org
Thu Aug 17 12:55:09 CDT 2006
On Thu, 17 Aug 2006, Blanchard_Michael at emc.com wrote:
: You use the existing viruses that are out there. In order to be a variant,
: there has to be some similarities that you can produce your pattern sig for.
:
: I'll repeat, never, EVER is it warrented to create new viruses for any
: reason, period.
So, let's say 10,000 viruses exist where any single one has 100 variants.
How does your pattern match do .. very well against the 100 known and how
well against the next 100 variants? Does one assume that all the
documented/public variants are indicative of a diverse set of examples?
More information about the funsec
mailing list